6 messages in org.apache.tomcat.usersRe: Form Based Authorization Question| From | Sent On | Attachments |
|---|---|---|
| David Haraburda | Jan 9, 2001 3:40 pm | |
| Michael Wentzel | Jan 10, 2001 4:08 am | |
| David Haraburda | Jan 11, 2001 3:07 pm | |
| Craig R. McClanahan | Jan 11, 2001 3:23 pm | |
| David Haraburda | Jan 11, 2001 4:25 pm | |
| Craig R. McClanahan | Jan 11, 2001 4:36 pm |
| Subject: | Re: Form Based Authorization Question | |
|---|---|---|
| From: | David Haraburda (dav...@haraburda.com) | |
| Date: | Jan 11, 2001 3:07:48 pm | |
| List: | org.apache.tomcat.users | |
Hi,
Thanks for responding. I'm not sure what you mean exactly. If you mean grab the Referer header, that isn't working (and I thought that only worked when you clicked on a link on some page that took you to the current page). getHeader("Referer") is returning null after a redirect. I thought there was some way to figure out what the original location was after a redirect? Do you, or does anyone know what it is?
Thanks, David
Michael Wentzel wrote:
I am implementing the Java Servlet Form based login mechanism in my web application, and had a question. Is it possible for me to have a "default location" that a user goes to when they login? In many instances, a user will go directly to the login JSP, rather than requesting a web resource first (which then causes Tomcat to display the login page, and then redirect back to the resource after authentication). If they haven't requested a resource, I'd like the login to take them to their "home" (different roles have different homes in my application). The only way I see right now is to check and see if session.getAttribute( "tomcat.auth.originalLocation" ) is null, but that seems rather naughty... is this the only way of doing it. I have written my own Realm object (that extends BaseInterceptor) for authentication/authorization purposes. Could something be done in there?
One solution to to check the referring document and see if it's a valid one otherwise go to default for user determined from database.
--- Michael Wentzel Software Developer <A HREF="http://www.aswethink.com">Software As We Think</A> <A HREF="mailto://went...@aswethink.com">Michael Wentzel</A>
-- David Haraburda - dav...@haraburda.com Outsourcing Center - Providing Insight Into Outsourcing 972-980-0013 x736